PoisonSeed Tricking Users Into Bypassing FIDO Keys With QR Codes
PoisonSeed group tricks users into bypassing FIDO Keys by misusing QR code logins, highlighting new social engineering risk to secure MFA.
Privacy
New Mobile Phone Forensics Tool
The Chinese have a new tool called Massistant.
- Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico.
- The forensics tool works in tandem with a corresponding desktop software.
- Massistant gains access to device GPS location data, SMS messages, images, audio, contacts and phone services.
- Meiya Pico maintains partnerships with domestic and international law enforcement partners, both as a surveillance hardware and software provider, as well as through training programs for law enforcement personnel…
Buy Now, Pay Later… with your data
Buy Now, Pay Later (BNPL) apps are everywhere these days. Whether you’re buying sneakers or groceries, chances are you’ve seen the option to split your payments over time. It’s quick and easy. But behind the convenience is a growing privacy concern tha…
Massive Data Leak at Texas Adoption Agency Exposes 1.1 Million Records
Texas adoption agency suffers major data leak, exposing over 1.1M sensitive records including case notes, contact info, and internal communications to public without any security authentication or password.
Security Vulnerabilities in ICEBlock
The ICEBlock tool has vulnerabilities:
The developer of ICEBlock, an iOS app for anonymously reporting sightings of US Immigration and Customs Enforcement (ICE) officials, promises that it “ensures user privacy by storing no personal data.” But that claim has come under scrutiny. ICEBlock creator Joshua Aaron has been accused of making false promises regarding user anonymity and privacy, being “misguided” about the privacy offered by iOS, and of being an Apple fanboy. The issue isn’t what ICEBlock stores. It’s about what it could accidentally reveal through its tight integration with iOS…
Trial Opens Against Meta CEO Mark Zuckerberg and Other Leaders Over Facebook Privacy Violations
An $8 billion class action investors’ lawsuit against Meta stemming from the 2018 privacy scandal involving the Cambridge Analytica political consulting firm.
The post Trial Opens Against Meta CEO Mark Zuckerberg and Other Leaders Over Facebook Privacy…
Machine unlearning gets a practical privacy upgrade
Machine learning models are everywhere now, from chatbots to credit scoring tools, and they carry traces of the data they were trained on. When someone asks to have their personal data erased under laws like the GDPR, their data also needs to be wiped …
Meta argues its AI needs personal information from social media posts to learn ‘Australian concepts’
Tech giant says posts from Australian Facebook and Instagram users are ‘vital learning’ about ‘concepts, realities, and figures’Follow our Australia news live blog for latest updatesGet our breaking news email, free app or daily news podcastMeta has ur…
How Secure Is Online Fax: Privacy and Data Protection Standards
When it comes to sharing sensitive documents online, security sits at the top of everyone’s checklist. Online faxing is…
UK Pet Owners Targeted by Fake Microchip Renewal Scams
Microchip renewal scam targets UK pet owners using leaked data from insecure registries. Emails appear legit but aim to steal money and personal info.